Unix Notes

(Commands and Options you should know)

To know a Unix system, you must explore its installed programs & filesystem
(often much is installed, many users bang away at it and some software no longer works,
so it's easier to learn what's important on a simpler, smaller 1-user install ie Linux)

"unix philosophy: lot of little tools, each doing 1 job very well, can be chained [or rather, 'piped'] together in an infinite number of combinations in order to automate any task."

Echoes all commands on your path:
  tab,tab at a blank prompt (bash)
  OR ls `echo $path` | sort (csh)
  OR /bin/ls `echo $PATH | tr : \ ` | sort
  OR /bin/ls `echo $PATH | sed 's/:/ /g'` | sort
[man -k intro]   # SunOS documentation

File/Disk Manipulation:
cd <newdir>
ls -AF --colour [-lrt] [-1] [-l|-lu|-lc]
pwd ($PWD)
cmu: create, modify, use timestamps (aka a=access)
  ls -lc: not really creation time, actually inode change time
  mv: doesn't alter cmu
  cp: alters u of src, mc of dest
  ln: alters cmu of link, none of src
  links: get u updated on each deref/symbolic-lookup
  chmod/chgrp/chown gzip+gunzip: alters c
  tar/untar: alters cu to time of unarc (of dest, alters nothing of src)
  vi/cat: alters u
  vi-save: alters cmu
  touch: alters c to now, mu to now/whatever-specified
cp [-r] [-dpRx|-ax] [-l|-s] [-u] <from...> <to>
rcp
mv <from...> <to>
rm [-r] <file/dir>
rmdir <dir>
mkdir [-p] <dir>   (-p makes any needed parent dirs)
pico|vi|emacs [file]
ln -s <src> <dest>
ln src/* src/.* dest/   (make dest/ contain links to everything in src/)
unused files: ls -lu[r]t
  run util, find util/ -amin +1 | xargs rm
find <path> [condition-args] [2>/dev/null]
locate(updatedb) [glimpse - like locate but for file contents]
  (see findnotes, find is powerful)
xargs [-i{}] [-n1] [-l1] cmd   # runs "cmd <line>" for each line in input (brilliant, use w/find)
  # Warning: don't use -i with -n or -l (-i turns -n on automatically?)
  # Note: xargs is just for convenience, for complex stuff, use awk|sh
  eg awk '{print "echo $0; grep $0 file"}' | sh
  eg find . -print0 | xargs -0 grep foo   # search all files rec down from curdir for "foo"
  (trick to force nulls: perl -pe 's/\n/\0/' | xargs -0)
cat -vet   # shows nulls/tabs/LF/CR
strings
echo ABCD | od -t a    # output: 0000000 A B C D nl
echo ABCD | od -t dC   # output: 0000000 65 66 67 68 10
od -t x2 HelloWorld.class   # CAFEBABE (hex)
od -t u HelloWorld.class    # Unsigned words(2b)
od -t u2 HelloWorld.class   # Unsigned bytes(1b)
[bpe]   # hex-ed/patcher (linux)
[biew vche khexdit ghex]   # hex ed's
chmod [-R] ugo +/- rwx <files...>   # Common: 755 644 711 777
chmod u=g *
[stat <file> -- like ls -l]
file perms: sticky=text-mem is saved, fast startup after the first run
dir perms: rx=list, x=access-no-list, w+sticky=/tmp -- write but not to other users' files
chown user[.group] <files>
chgrp
chroot new_root_path [command]   # use a new root dir
chroot /mnt /bin/bash   # Run bash using mnt as root (eg mnt is a glibc install, bootdisk isn't)
pushd ~; ...; popd   # goes to homedir, then later returns (dirs -l displays dir-stack)
tar <-tvf|-cvf|-xvf> arc.tar [files...]
gzip [-9] file.txt   (becomes file.txt.gz, file.txt gone)
gunzip file.txt.gz
gzip -dc arc.tgz | tar -xvvof -
tar -cvf - dir | gzip -9 >arc.tgz
tar -uvf arc.tar dir
zip -ru arc.zip dir   # Update (only newer files) from File System
tar -t[v]f file.tar
tar -df file.tar   # view/diff-with-file-system
tar -xzvf arc.tgz
tar -czvf arc.tgz dir   # tar's "z" option replaces gzip
gzip -dc arc.tgz | tar -t[v]f -
tar -tzvf arc.tgz   #ls contents
tar cf - . | zip a -  ==  tar cf - . | zip >a.zip   # tar&zip
unzip -p a.zip | tar xvf - .   # unzip&untar
zip -r a.zip a/   # zip dir recursively
zip a.zip *.c   # zip files
find . | zip a.zip -@   # zip files from a find
unzip -l f.zip   # list archive contents
unzip f.zip   # unzip archive
.gz:gzip(better than compress?) .Z:compress
zless zmore zdiff zcmp gzexe(compress exe, unarcs on run)
pax(Posix cpio/tar/other, portable archive interchange)
bzip2(better than gzip)
# cpio(kinda like tar)
find . | cpio -o >../arc.cpio
cat ../arc.cpio | cpio -itv    # list contents of cpio
cat ../arc.cpio | cpio -iumd   # unarc (just -i works in simple cases)
Note about tar (and unarcing "packages" from root eg converted rpms)
  -k: keep overwritten file's ownership, doesn't make /etc /usr /bin RO if the arc says to!
  -p: preserve permissions (default is some screwed up heuristic??)
  Would you like to have the tar-gz not overwrite /etc /usr ownership? TOO BAD!!
file <files...>
which(where,whence) <cmd>
whereis <exe>   # find the binary/exe, src, man-pages
what <exe>   # exe's ident
  eg:char *ident="Version: @(#)/etc/hosts.allow 1.00 05/28/93" <<ends in quote/lf/nul
  #ident @(#)which.csh 1.2 92/07/14 SMI << gnu supports #ident directive
man -k <keyword>  apropos <keyword>  whatis <keyword>   # keyword, simple help
makewhatis(run like updatedb) files: <mandir>/whatis
man <cmd> | less   # now search highlights matches
  Tip: "/^ *foo" finds foo, first thing on the line
manual man: echo $MANPATH | tr : \\n | xargs -i find {} -name ld\* [-maxdepth 1]
man filters: nroff -man groff -Tascii -mandoc
  Sun: ... | tbl | eqn | nroff -u0 -Tlp -man - | col -x
  Linux: cat /usr/man/man1/chattr.1.gz | gzip -dc | /usr/bin/gtbl | /usr/bin/groff -S -Tascii -mandoc | less
man -f <name>   # lists filenames/sections of manual
man -f: echo $MANPATH | tr : \\n | xargs -i grep -i '^ls ' {}/whatis   # whatis or try windex
touch [-t [[CC]YY]MMDDhhmm[.SS]] [-r <file>] <file(s)...>
cksum[/md5sum][/sum] <file>
mdir mcopy mcd mdel [eject]   # dos formatted floppy commands
fdformat -n /dev/fd0u1440   # low level format
mformat A:   # Add msdos fs to low-level formatted disk (like dos format /q a:)
mke2fs /dev/fd0   # Add ext2 fs to low-level formatted disk
df [-k] [.]
du -s *
du -s .
du -x / >du_all
dd if=<file> of=<file> [count=#] [bs=#] [skip=#] [seek=#]   # skip/ibs seek/obs
mount [-t vfat|ext2|iso9660] <device> <mount_point>   eg mount /dev/hda1 /c
fsck|e2fsck|fsck.ext2 <eg /dev/hda8>
mke2fs,mk*fs fdisk(*cfdisk sfdisk) fdformat format superformat
badblocks /dev/fd0H1440 1440 > bad-blocks
fsck -t ext2 -l bad-blocks /dev/fd0H1440
lpr lpq lprm lp lpstat cancel lpset lpget   # printing
a2ps   # ie cat f.ps | a2ps | lpq (try apropos ps)
enscript pstext psbook psnup ps2ps ps* pbmtext p?m* fix* (ex fixwfwps WordForWindows)
NFS: rpcinfo -p showmount -e nfsstat? rpcclient?
  (NFS progs: /usr/sbin/portmap /usr/sbin/rpc.mountd /usr/sbin/rpc.nfsd)
tripwire/aide: makes listing(name/date/size/cksum/...) of filesystem
  (later checks tell altered files = brilliant security measure, similar brilliancy to backups)
  (beware of a much-changing filesystem eg power Linux user eg homedirs of many people)
  cksum /etc/* /sbin/* /bin/* >corefiles.cksum
  cksum many_files | cksum -   # generate a cksum of cksums
[quota [-v]]
mc   # Midnight Commander (like Norton Commander -- 2-panel text-mode file move/copy/etc util)

Text Manipulation:
grep awk sed tr perl
[states]   # like awk but with states (eg for highlighting)
perl -de0   (debug mode, allows interactive input/execution)
cat|perl -   (reads perl code^Dreads input^D)
perl -pi'' -e 's/foo/bar/g' *   Search&Replace on files
find . -name '*.bak' -print0 | perl -n0e unlink   #rm's .bak files
grep [-l|-n|-c|-r] pat files   (filenames,line#s,counts,recurse)
  # '-v'=not '-e'=or(sort of) '-f <file>'=patterns 1 per line from file
  # context option(also shows nearby lines): -# or -C[#] eg grep -2 foo
  * In grep: ^ $ . * \( \) [ \{ \} \ \+ \| $ (may need \$ in shell) (glob-likes are unslashed)
  * In egrep: | ^ $ . * + ? ( ) [ { } \
  vi/sed: ^ $ . * \( \) [ \ \< \>
  [:alpha:]  Any alphabetic character
  [:lower:]  Any lowercase character
  [:upper:]  Any uppercase character
  [:digit:]  Any digit
  [:alnum:]  Any alphanumeric character (alphabetic or digit)
  [:space:]  Any white space character (space, tab, vertical tab)
  [:graph:]  Any printable character, except space
  [:print:]  Any printable character, including the space
  [:punct:]  Any punctuation (i.e., a printable character that is not white space or alphanumeric)
  [:cntrl:]  Any nonprintable character
  eg fgrep -e cat -e dog   # '-e' means 'or'
paste <files>   (in columns)
tr [:cntrl:] [.*]   # dump a binary file (removing unprintable ctrl chars)
tee <file>   (send output to both stdout and to a file)
uniq [-c]   (remove duplicate lines)
wc [-l|-c|-w] [files]   (word count)
fmt [-u|-t]   (word wraps text, may need a sed 's/ *//' before it to erase indent, -u=respace, -t=dif-para-logic)
fold [-s]   # splits long lines (80 chars, -s=split at word-boundary)
tput <capname>   (termcap function, see "man terminfo" eg lines,cols,clear; also "man console_codes")
[un]expand   tabs>spaces or vice versa (using tab-stop logic)
[column -t (forces data into a table)]
cut <-c3-5,7-9|-f1,3> [-d delim] <files...>
match/remove char-columns: awk 'substr($0,n,1)=="c"'   colrm [colFrom [colTo]]
sort -brnf -t ":" +2.3   # ignore blanks, reverse, interpret as decimal number, ignore case, field 2, char 3
tac   # reverse lines
rev   # reverse chars on each line
[tsort (topological sort?)]
tail [-f] [-c [+]N | <+|->N]
head <-n|-c> N
split join csplit(regexs)
split -b 1457664 backup.tar.gz myfiles.
csplit -k gdb.out "/(gdb)/" "{999}"
dirname   basename name [suffix]
nl [-ba]   # Number Lines, like 'cat -n'
sed -e 's/foo/bar/g;s/bar/foo/g'
sed -n 's/foo/bar/gp'   # -n=noPrint(print only matched lines?), p=print
sed -e '/junk/d'   # delete
diff patch diff3 comm cmp [splat replace (rare search&replace utils)]
diff [-c|u] [-d] [-s] [-q] [-p] file1 file2
diff [-r] dir1 dir2
[filemerge <f1> <f2> (nice X-based merge util)]
uuencode uudecode [mimencode/mmencode, replaces uu*code]
[des]   # des encrypt
less more   # v=vi /,?=search q=quit rtn/space=scroll b=back #d=skip # lines(goto)
less: gGm' -N -n : line numbering hotkey in less (on/off)
  left/right shift the document too
  :<#lines>
script   (logs this tty, like "$SHELL | tee log")
[cryptdir] [crypt]   (encrypts a file, breakable by an expert, use PGP instead)
[ssleay]   # Encrypt/Decrypt (blowfish des_ede3 rc2 rc4)
gettext [domain] <msgid>
# SunOS CLI formatted-input commands: (ck*)
ckyorn(Y/N) ckpath ckdate cktime ckuid ckgid ckint ckrange(eg2-6) ckstr
item=`ckitem -f menu_list`   # choose a number from a numbered menu
FMLI: Form and Menu Language Interpreter   # SunOS script lang
$COLUMNS, $LINES   (automatic shell vars for screen size)
==/=, !=: string csh/sh(test), numeric perl
>, <=..: numeric csh/perl
eq gt..: string perl
-eq -gt..: numeric sh(test)
test: -f file   -d dir   -r|-w|-x file|dir   -a=and,-o=or
# Why "a$VAR = a" sh-scripting convention exists:
[ $FOO = "" ]      # fails (under old sh)
[ $FOO = "FOO" ]   # fails when FOO=""
[ a$FOO = a ]      # works

About users:
w uptime who ps users top [pstree] [ico (X gfx demo for speed comparison)]
id uname [-a] tty hostname $LOGNAME $SHELL logname whoami [$USER]
env   # displays environment
env -i [command]   # runs command with no env
unset `env | sed 's/=.*//'`   # clears bash env
env >env.mar30.FooCompEnv
source env.mar30.FooCompEnv   # fails if any var-values contain spaces/$/!
# To handle spaces/weird-chars: (do either one)
env | sed -e 's/=\(.*\)$/="\1"/' >env; source env
env >env; eval `sed -e 's/=\(.*\)$/="\1"/' <env`
printenv
su [-] <username> [login]   # Switch to another account (see /etc/suauth)
[sudo]   # just like su only it "remembers the password" for you for a short while
passwd chsh ch* [mkpasswd]
ps -ef, ps auwx, ps cx
ps -e[f]H, ps -eHo "%P %U %y %c %a", ps -a, ps -efH | fgrep -v -e \? -e getty
[pstree]
last [-50] [username]   # last logins to the computer
lastlog   # last login by each person to the computer
rwho rusers ruptime rup
yppasswd ypmatch ypcat [-x|uid passwd]
  Client/Server: ypbind   Server: ypinit -m ypmake ypserv
vmstat dmesg procinfo(linux) iostat(SR5) [pstat] [mpstat]
[free]   # Linux mem info
[sag]   # (SR5) system activity graph
[sar]   # (SR5) system activity reporter
kill -<0|1=HUP|2=INT|9=KILL> <pid>   # 0=pid used? 15=TERM=default
kill -9 -1   # kill all but current pid
ldapsearch [-L] -h `findDSA` [-b "o=*"] "(cn=Jo*)"
  # `findDSA` should return the local LDAP server
  # (look for this in a LDAP-enabled mail client)
  # -b has a default, otherwise choose all
  # -L should be the default
  # cn (Company Name) is a common field
  # use "Jo*" rather than "*" to get only a few records
  # (we only need 1 to read off the available field names)
  # (& a b c (| d e f)) o=Co,cn=Name
ldapmodify

Development:
gcc -c -o -g(gdb) -pg(gprof) -Wall -Idir -Ldir -larg(libarg.a) -S(assem)
  -E(preproc): -H(shows includes) -dM -d(D|N) (shows defines) -C(keep comments) -P(no #line's)
  -MM[D](gen makeline) -shared(-G) -O# (0-3, optimize)
  --verbose (-v? to show gcc/collect2/etc actually does eg libraries linked to, actual objects linked to)
  -static (ld -B static) (ld -no_so) (cc -non_shared) (gcc -mno-shared-libs)   # uses static libraries
  -d* (eg -da all, -dm dump mem stats at end)
  -Bcompiler_dir (for cpp/cc1/cc1plus/as/ld)
gcc -print-file-name=libc.a
gcc -print-prog-name=cpp
Neat Info on what g++ calls/does: g++ --verbose
  Compile(g++): cpp; cc1plus; as
  Link(g++): collect2; ld
Neat Info on Linking(lib search): collect2/ld --verbose
gcc dirs/files: (from end of man page)
  TMPDIR/cc*          temporary files
  LIBDIR/cpp          preprocessor
  LIBDIR/cc1plus      compiler
  LIBDIR/collect      linker front end needed on some machines
  LIBDIR/libgcc.a     GCC subroutine library
  /lib/crt[01n].o     start-up routine
  LIBDIR/ccrt0        additional start-up routine for C++
  /lib/libc.a         standard C library, see intro(3)
  /usr/include        standard directory for #include files
  LIBDIR/include      standard gcc directory for #include files
  LIBDIR/g++-include  additional g++ directory for #include
  LIBDIR is usually /usr/local/lib/machine/version. (see g++ -v)
  TMPDIR from env var TMPDIR (default /usr/tmp if available, else /tmp).
cc(standard unix c compiler) gcc make g++ CC(HP)
ar cr l.a *.o      (create a static library) [ranlib l.a]
ar ruv l.a *.o     (update a static library)
ar tv l.a          (list archive contents or try objdump -a l.a)
ar x l.a [files]   (extract files from an archive)
ld -r a.o b.o -o c.o   # 2 objects become one
ld -L (erase default lib dirs) -Ldir (add lib dir) -lname (looks for libname.(so|a) ) *.o -o a.out
  (ld: -c linker-command-language-file)
make [-dn|-pn]   (see make_notes)
flex(lex)(Lexical Analyzer) bison(yacc)(Yet another compiler compiler)
ldd <exe>(show deps)   ldconfig [-p] (updates lib-path-cache)
nm [-A|-C|u|g] <exe>(shows symbols)   strings <exe> | grep lib(shows deps)
nm object.o | c++filt   # c++filt [symbol] demangles symbol names (like nm -C)
objdump -s|x|i|d|t|... [elfdump]
  # s=hexdump, Sr=hexdump w/relocs, x=headers, t=symtable, R=dyn relocs, r=static relocs
# converts objdump symbol-info into format: "size-in-decimal symbol-name"
# (useful for adding up the size of all methods in a certain class)
objdump -tC file.o | perl -ne 's/.{18}\S+\s+([0-9a-f]+) (.*)/print hex($1)." $2\n"/e' | grep -v ^0
# shows functions in an object: (from assembly code)
cat file.s | c++filt | grep ':$' | grep -v '^\.' | cut -b -79 | less
objdump --disassemble file.o
less file.s   # view assembly
# 3 stats for an object: ls -l f.o, size f.o, size-sum-of-symbols(from nm/objdump)
# ls-l includes the symbol table ie 30%-100% size increase, size ~ size-sum
ls -l file.o;size file.o;nm file.o (gnu doesn't show size, try objdump -t);objdump --disassemble file.o
readelf [-a|-d] <exe>   # a=all d=dynam
strip <exe>(removes symbol junk)
size <exe>   # shows size of text,data,bss sections
time <command> [args]   # time a command (user+sys+wall time)
[timex]   # similar to time
gdb [a.out [core]]   # excellent cli debugger
[ddd]   # excellent debug gui
  (What cores are for: gdb a.out core<cr>bt<cr>)
./configure, make, make install   (standard installation proc)
[dis <exe/obj>]   # disassembler
[mkstr]   # SunOS, processes C files, extracts error("..."), writes a error-file
          # and replaces the error-call with error(file_offset) for lseek-ing
strace(|truss|ltrace) <command> [args]   # display system calls called by a command
"LD_DEBUG=all ls"   # shows dyn-linking (also files, symbols)
  eg truss -t1 -tread,write -u libFoo -u '!libc'
  eg truss -topen,close
  eg strace -ff -v -x -a 40 <cmd>
[pstack]   # prints the stack of a running process
ptrace   #command debuggers are based on (see PTRACE_SINGLESTEP)
BFD,elf can be used to examine exe's (http://www.eccentrica.org/Mammon/tales/LinuxTale2.txt)
[f77]   # Fortran (see also lapack for linear algebra)
--
[cvs (login get update commit add remove) $CVSROOT]
export CVSROOT=":pserver:joe@server.com:/var/cvs"
cvs login   # stores password and CVSROOT in ~/.cvspass until logout
cvs [-z3] get <project_name>   # grabs a copy of everything
cvs update [-PAd]   # updates your copy from the repository
cvs commit -m 'Message saying what you changed.'
cvs add filename   # after creating file
cvs remove filename   # after removing file
cvs add -d dir   # after creating dir
cvs log <file>
cvs history -f <file> -c -a
cvs diff -r1.0 -r 1.1 <file>
cvs diff -D '24 hours ago' <file>   # doesn't work right?
# Reverting to an older version:
# (you may want to do a diff/rdiff first w/o patching directly)
cvs rdiff -r1.123 -r 1.124 c415 | patch -R
--
[ctags(esp vi/emacs lookups) [c]xref cproto cross cscope cprint] [ixfw xscope]
# etags/ctags *.[chi]*
  tags-search, tags-query-replace, M-','(tags-loop-continue), tags-query-replace
  or C-] (C-T back) for vi
[calls]   # parses c-code, shows call-tree, variables
[cflow [-ix|-r]]   # shows func call graph by interpreting source-file+includes
[ctrace foo.c >tmp.c;cc tmp.c]   # adds trace statements to source (sun command)
indent -di1 -d0 -nfc1 -br -kr -i8 -l80 -lc80
  http://www.xs4all.nl/~carlo17/indent/indent.html#IDX21
[pstruct c2ph]   filters stabs-info into structs+struct-alignment in c/perl
  gcc -gstabs -S t.c; cat t.s | <stabs-filter>
cxref example:
  a.c
    1 main()
    2 {
    3   int i;
    4   extern char c;
    5
    6   i=65;
    7   c=(char)i;
    8 }
  NAME  FILE  FUNCTION  LINE
  c     a.c   ---       4- 7=
  i     a.c   main      3* 6= 7
  main  a.c   ---       2*
cscope example: "cscope *.[chi]*"
  Find this C symbol: printf
  Find this global definition:
  Find functions called by this function:
  Find functions calling this function:
  Find this text string:
  Change this text string:
  Find this egrep pattern:
  Find this file:
  Find files #including this file:

Network:
nc(nc -v[vr]zw 1 <host> <ports>, 21-23, 79-80, 111auth, 139smb, 513rsh, 517nfs) (7-139, 6000-6010x-redir)
nmap (portscan) -sT -sS -sF -sX -sN -sU -I
echo QUIT | nc -v -w 5 target 20-250 500-600 5990-7000   # shows initial output from each port
traceroute ping arp
ifconfig, ifconfig eth0 172.16.0.1 netmask 255.255.255.0 broadcast 172.16.0.255
ifstatus
netstat -t[e][a] (connections) -s (summary) -M (masq) -r[n] (routing) -i (devs) -a[n] (all sockets) -l (listening servers)
route -n, route [add] [default] <host>
ipmask <mask> <ip>   # tells you network/broadcast address
tcpdump netwatch
ftp bin hash prompt mget/mput * lcd !ls !mkdir quit
  pipes+get/put(send+arc/retr+dearc)
  put "|tar -cf - dir|gzip" dir.tgz
  get dir.tgz "|gzip -dc|tar -xvf -"
ssh/ssh1/ssh2 <address>
ssh public-private-key-auth: (.shosts/.rhosts/hosts.equiv are used in addition to this)
  ssh-keygen2 -P; echo "idkey id_dsa_1024_<letter>" >.ssh2/identification
  scp2 ~/.ssh2/id_dsa_1024_<letter>.pub server_machine:.ssh2/
  ssh2 server_machine 'echo "key id_dsa_1024_<letter>.pub" >~/.ssh2/authorization'
telnet <address>
rlogin <address>
rsh <address> <command> (remsh, xrsh)
.rhosts (or /etc/hosts.equiv)   # (insecure to ip-spoofing, allows rlogins w/o password from certain machines)
  host uid   # or just "host" for /etc/hosts.equiv
eg copy-recurse between machines: find <path> | cpio -o | rsh <system> cd <path> ";" cpio -iumd
uucp   (Unix to Unix copy, sort of like rcp or ftp, old command)
mesg <y|n>
write user [tty]
talk user[@dest]
finger [user]@host.com
mailx [-s Subject] user@host.com <file   (other non-standardized options)
[mail user@home.com <file]   # send ascii file
[mailto]   # like 'mail'
[metasend]   # metasend files as MIME
fetchmail -p POP3|IMAP [-k] [-v] [-d seconds] <server>
  (mail retrieval: reads from mail svr, sends to localhost MTA--smtp:25)
  [fetchmailconf (X cfg util)]   ~/.fetchmailrc: user, pass, forcecr(qmail)
[mconnect <host>]   # like 'telnet <host> 25' (sendmail) cmds: /etc/mail/sendmail.hf
[from]   # Display newly arrived mail (SunOS?)
lynx pine tin [elm nn]
slrn [-n -C]   # nice color news reader
  (esc1enter=showRead,l=toggleReadGroups,f,P,q,Q,?,Agroupname,LsearchBroken?)
[ftpwho ftpcount ftpshut]   # wu ftpd commands (Linux)
pppd /dev/tty0 mru 1500 mtu 1500 defaultroute asyncmap FFFFFF
# smbclient connects to Samba/NetworkNeighborhood Shares:
# Don't forget "-W ntdomain" to authenticate to the NT domain for NT machines
# (a workgroup is not a domain and "-W workgroup" should not help)
# ("Access denied." Error)
smbclient -L ServerName [-I ip] [-N] [-W ntdomain]
smbclient //ServerName/ShareName [-I ip] [-N] [-U pcguest]
smbclient -M User
smbstatus testparm smbd/nmbd (mps mbd) /etc/smb.conf
smbmount //ServerName/ShareName /mnt ...(smbclient options)
smbclient -L machinename -I machineip -U 'cyallop' -W ntdomain
nmblookup (similar to nbtstat for dos)
  note: 00=hostname, 03=username, 20=sharing is on
  name>ip: (name = netbios-name = NetNeighborhoodName)
    nmblookup [-B broadcast] <name>
  ip>name:
    nmblookup [-B broadcast] -A <ip>
  server-list:
    nmblookup [-B broadcast] -SM -   (master browser)
    smbclient [-I <master-ip>] -L <master-name> [-N]
    or nmblookup \*   # then for each ip: nmblookup -A <ip>
    or nmap -p 139 172.16.1.\*   # then for each ip: nmblookup -A <ip>
      (this is the most reliable way, finds "hidden" no-lm-announce servers)
      (Windows boxes using only ipx-netbios won't be seen with nmblookup/nmap/smbclient)
    # nmblookup-broadcast was .05s, nmap A.B.C.\* was 9.65s (nmap 1.51)
  The nmap/nmb ip-lists are similar. When 2 nmb's are done, one immediately
  following the other, their lists are a bit different. I suspect this is true
  for nmap as well. (10s latency makes it harder to test)
  (I can see why Windows remembers machines from previous attempts.)
# smbls:
# Pipes 'nmblookup \*' IPs through 'nmblookup -A' so names are reported:
nmblookup -B 172.16.1.255 \* 2>/dev/null | grep 00 | grep -v 0.0.0.0 | cut -d" " -f 1 | sort | xargs -l1 killslowpokes nmblookup -A 2>/dev/null | fgrep -v GROUP | fgrep 00
# kills laggers: '-l1 killslowpokes' (is optional, needs killslowpokes script)
  nmblookup -A is sometimes quick, sometimes slow(few seconds) and sometimes fails after several seconds
  The killslowpokes is a shell script, meaning lots of shell-spawns but the
  improvement from lagging nmblookup's outweighs its many shell-spawns
# The kill script brought it from 47s to 18s(last 6s added nothing)
# recursive dl-ing/mirroring:
(cd /downloads/; ncftp -C -r -d 60 'bookmark_name:/*')
wget -P/downloads/ -t inf -c -r 'ftp://name:pass@site/*'
DNS: (host, dig, nslookup)
host 1.2.3.4 or host www.microsoft.com (or ping www.microsoft.com)
dig fbi.gov any any
host [-l] -v -t any example.com   (see man named)
nslookup -type=any example.com   (see DNS-HOWTO)
dnsquery -t any -v example.com
host -l -v -t any example.com   # -l sometimes fails
[nstest?]

Shell Commands:
echo hi there
printf "%-.5d" 5
exec <cmd>
alias   # (sh/csh syntax is different)
umask XYZ   # 022=default 077=secure
eg printf "%X\n" 36
   printf "%u\n" 0x24
eval `echo ls`
Job Control: jobs   fg %1   bg %1   ^Z
csh -l   bash --login   (login shell)
csh -f   bash --norc --noprofile   (no rc files)
csh -V   (verbose echo-all, even init)
sh -v   # echoes commands before executing them (even init)
# blow away environment: env -i sh   env -i csh -f
#!/bin/sh   # without this, the shell may just spawn to run the script (difference in $0, speed)
shell glob expansion: ls {a,b}[0-9]*   # any file starting with: a0 a1 .. a9 b0 .. b9
  # like this regex(re): \(a\|b\)[0-9].*
  # like this eregex(ere): (a|b)[0-9].*
test -r|-w|-x <file> && echo yep   # some file tests (-e is not in older-test versions)
test a = a -a a != b && echo yep   # some string tests

X:
xlsclients   # eg for detecting remote xkeys connected to your display
[xlswins]
xwininfo -root -tree | fgrep -v '()'
xwininfo -id $WINDOWID   (only in CDE?)
xsetroot -solid "midnight blue"   (showrgb)
xv -root pic.gif -max -quit
startx -- :1                   Starts X using display 1 (rather than 0)
xprop                          Window/X-environment Info (Allows user to click on desired window)
xprop -root -spy CUT_BUFFER0   Spies on their clipboard
xprop -name mywin              Tells info on window named mywin
xkill -id num                  Kills Window with Id num, use xlswins/xprop to get the id
xkill                          Kills the next window clicked on AND ITS CREATOR
xkill -frame                   Kills the WINDOW MANAGER (boots them off) next time they click
xkill -root -frame             Kills the WINDOW MANAGER (boots them off)
xmodmap                        Changes the key's meanings
xmodmap -e "POINTER= 4 5 6"    Disables Mouse Buttons
xset m 0 0                     Disables Mouse Movement
xset s 1                       Screen Blanker to 1 second
xset                           Shows xset control flags
xdpyinfo   # screen/server info
xkbprint xkbcomp setxkbmap   # keymap management
xev(prints all xevents for a window) [xkbevd(does actions on xevents)]
xclipboard(monitors clipboard, lets you save different clipboards -- crappy?)
[xselection PRIMARY]
xlsfonts xlsatoms   # odd x-info commands
appres editres listres xrdb .Xresources .Xdefaults   # for old X-resource widget/classes config
[lbxproxy   # low bandwidth x proxy]
xauth merge ~fool/.Xauthority   # merges in fool's public-readable .Xauthority (you get access to their display)
xauth list
xauth add dpyname protoname hexkey
  ie xauth add app_server_ip:0 MIT-MAGIC-COOKIE-1 deadbeef
# sort of locks the screen:
xset m 0 0 && xclock -bg black -fg black -display 0:0 -g 10000x10000+0+-50

Misc:
man [-f|-k|[-s] section] command   ("man<cr>" or "man man" displays options)
info <command>   Emacs Info, similar to man
newgrp(sets currently used group)
[dialog (linux, a wonderful text-interface util -- msg/menu/file/input/checkmark/radio box)]
getconf <arg> [path]   # ARG_MAX LINE_MAX _POSIX_VERSION
stty [+|-]<code>   stty -a (list current)   # Set tty settings
stty erase "^?"   # <Press Backspace>
xmodmap -e "Delete = Backspace"
xmodmap <--help|-grammar|-pke>
stty erase "^H" kill "^U" intr "^C" eof "^D" susp "^Z" dsusp "^Y" #werase "^W"
^8 = ^?   ^h sometimes equals backspace (^? is the new backspace keystroke, so ^h can be help)
echo -n Password:;stty -echo;read line;stty echo;echo   (line=$< in csh)
kbdrate -r 30 -d 250   # set linux keyboard repeat
#stty modes: (see 'stty --help' and 'man stty')
#  -icanon|cbreak: getchar() returns after 1 keypress, not line based
#     ('stty icanon|-cbreak' undoes it)
#  raw: same as -icanon -ignbrk -brkint -ignpar -parmrk -inpck -istrip -inlcr -igncr -icrnl
#       -ixon -ixoff -iuclc -ixany -imaxbel -opost -isig -xcase min 1 time 0
#  -echo: no input chars echoed
#  stty sane   reset   # reset term io flags
# When CBREAK is on, input from a read will be immediately available to
# the program, when off the input will be buffered until newline occurs.
# RAW is the same as CBREAK, except that in RAW mode no special character
# processing will be done.
clear
tset   # odd terminal initialization command, allows figuring out where you're from(tty), mapping that to certain TERM values (bsd-origin)
true false yes
logger "Log Message"   # syslog from the cmd line
expr <math-expr>   # eval simple math eg expr \( 1 + 3 \) / 2 \* 3
bc (Bison Calc, scale=8, ibase=?, obase=?)   dc (RPN Desktop Calc)
[cvtbase <d|x|o|b> <d|x|o|b>]
[sc == console spreadsheet calculator]
ispell [-a]   # console spell checker (eg echo ticckle | ispell -a)
regcmp   # gen c-code(array of numbers) for compiled regex (faster runtime)
date   # prints date
date -s hh:mm:ss   # set time
clock -w   # write time out to CMOS clock
clock -s   # set time from CMOS clock (happens on bootup)
clock -a   # set time from CMOS clock, adjusting by offset set in /etc/adjtime (see man clock)
ntpdate <ntp-server>   # sets time from a ntp server (simple, quick way to synchronize)
ntpdate time.chu.nrc.ca (NRC in Ottawa)   #time-A.timefreq.bldrdoc.gov (Boulder, CO)
ntpd   #periodically syncs time between computers(eg client-server ntp, it has many options)
#NTP Servers: http://www.eecis.udel.edu/~mills/ntp/servers.htm
# (see Clock Linux-mini-howto)
nice -n delta command...   (prio -20high to 20low, 0default)
renice <prior> <pid...>
renice <prior> -u <userid...>
nohup <cmd> [args] &   # continues after logout (ignores hup signal, sends stdout,stderr to nohup.out)
crontab <-l|-e>   (/var/spool/cron/crontabs/*) (man crontab)
  # MIN(0-59) HOUR(0-23/interval) DAY(1-31,mon-wed) MONTH(1-12) DAYOFWEEK(0-6,0=Sunday) COMMAND
  eg 55 14-18/2 25,26 12 * exec /usr/X11R6/bin/xeyes -display :0 &
  (note PATH and DISPLAY may not be properly set)
  ("exec blah" names process name from "sh -c blah" to "blah")
at [-f script] TIME   atq(list at-jobs)   atrm(rm at-jobs)   batch(when low load <.8) (run every 5min by cron)
  TIME: now noon midnight HH:MM HH<am|pm> DD.MM.YY month-name day [year] [+ count <minutes|hours|days|weeks>]
    10am Jul 31
    14:32 + 13.05.02
  at 4am + 3 days <<EOF
  ...
  EOF
(sleep 60;echo This terminal is alive)&   # joke in .login
[audioplay audioconvert audiorecord]
kbd_mode -a (OFF) -u (ON)   (Sun) Deactivate/Activate Keyboard
  (actually it changes the keymap, so -a is used for a normal terminal, -u is used for X-Windows)
remsh host wincenter -resolution 1024x768   # Wincenter (X redirection from NT)
xconsole   (displays messages meant for the console)
kernel info: /proc(linux) syscall?(bsd)   # eg actual executable running (if it was symlinked ps will show the symlink name)
fuser [-v]   # show uses of a file in Linux
[lsof] [ofiles? off?]   # list all open files (and devs and sockets -- good sec/sys info!)
[fstat/lstat]   # same as c-calls
ttysnoop, ttysnoopd(replaces in.telnetd)
script file, tail -f file
[miniterm]   (simple linux term program)
[vgetty]   # fax/answering-machine/dial-up (auto detect, configurable) (only Linux?)
Informix stats
  onstat
    -    database engine status
    -d   disk stats
    -P   cache stats
    -F   flushers
    -R   ?
  oncheck
    -pT  info, cache load
    -pe  extents
System V ipc:
  ipcs: status of all System V IPC objects
  ipcs -q: Show only message queues
  ipcs -s: Show only semaphores
  ipcs -m: Show only shared memory
  ipcs --help: Additional arguments
  ipcrm <msg | sem | shm> <IPC ID>   # remove IPC object from kernel
# ps to pdf:
C:\aladdin\gs6.01\bin\gswin32c -dNOPAUSE -dBATCH -sDEVICE=pdfwrite -sOutputFile=C:\output.pdf -f C:\input.ps
---
#From LDP:lpg (has nice simple examples of each)
# simple kernel structures for ipc; identified by a system-wide id (you'll likely generate it from a file_inode&devnum + user_specified_char)
# Message Queues: an internal linked list within the kernel's addressing space (msgget,msgsnd,msgrcv)
# Semaphores: counters used to control access to shared resources by multiple processes(locking mechanism) (semget,semop)
# Shared Mem: the mapping of an area (segment) of memory to more than one process (shmget,shmat,shmdt)
#   by far the fastest form of IPC, because there is no intermediation (i.e. a pipe, a message queue, etc)

The "swiss army knife" ioctl (input/output control):
(You more often need ioctl for special files than for regular files)
  ioctl(unsigned int fd, unsigned int request, unsigned long argument)
Special files are mainly found in /dev and /proc. They differ from regular files
in that they hide an interface to a driver and not to a real (regular) file
that contains text or binary data.
FIONREAD ioctl: number of characters waiting to be read, but only works on terminals, pipes and sockets
The O_NONBLOCK flag can be used in an open/fcntl call to disable the default blocking action

Standard Etc Files: (etc=Editable Text Configuration)
  /etc/inittab /etc/rc.d/* (rc.local, rc.S) /etc/fstab /etc/syslog.conf
  /etc/issue(on login, before prompt, welcome/sysinfo) /etc/motd(before login, problems/warnings)
  /etc/resolv.conf /etc/hosts /etc/services /etc/inetd.conf /etc/protocols
  /etc/passwd /etc/groups /etc/shadow /etc/gshadow /etc/skel/* /etc/suauth
  /etc/securetty (ttys where root is allowed) /etc/ftpusers (allowed to ftp)
  /etc/hosts.equiv /etc/hosts.allow /etc/hosts.deny
    eg /etc/hosts.allow ALL:127.
       /etc/hosts.deny ALL:ALL
  /etc/shells (trusted shells you can chsh to)
  /etc/named.conf /etc/nsswitch.conf /etc/host.conf /var/named/*
  /etc/smb.conf /etc/printcap /etc/termcap
  /etc/magic (file format info for 'file <file>')
  /etc[/X11]/XF86Config /etc/lilo.conf
  /etc/profile /etc/csh.login /etc/csh.cshrc
  /etc/printcap /etc/termcap (man termcap|curs_termcap|terminfo)
  /etc/mtab (mounted filesystems, 'mount')
  /etc/sysconfig/network (SR5,RH)
Useful Linux Dirs: /usr/doc/HOWTO /usr/src/linux /usr/include
Weird Locations:
  /usr/X11R6/lib/X11/xinit/ /var/X11R6/ /usr/lib/lynx /var/lib/apache
  /usr/local/lib/amiwm/system.amiwmrc /usr/X11R6/lib/X11/rgb.txt
Linux System Structure:
  /bin, /sbin, /lib: core
  /usr/bin, /usr/sbin, /usr/lib: system installed (ie rpm/etc)
  /usr/local/bin, /usr/local/sbin, /usr/local/lib, /usr/local/games: local machine programs, user installed?
  /var/lib/rpm/fileindex.rpm(RH) /var/lib/rpm/packages.rpm(RH) /var/log/packages/* (slack)
Security Attacked Files:
  /etc/passwd /etc/exports /etc/hosts.* /etc/inetd.conf /etc/hosts /etc/group /etc/shadow
  /etc/lilo.conf /etc/securetty(ttys ttytab) /etc/ftpusers /etc/suauth /etc/rc*
  /usr/lib/X11/xdm/Xsession(xhost +) /etc/profile /etc/csh.cshrc /usr/lib/cron/crontabs
  /var/log/messages /var/log/xferlog /var/log/[wu]tmp [/var/log/syslog /var/log/debug]
  /usr/adm/sulog /usr/adm/loginlog /usr/adm/errlog /usr/adm/culog /usr/mail/
  ~/.rhosts ~/.plan ~/.profile ~/.*rc
Security Attacked Uids:
  root uucp ftp daemon bin sys adm admin sync nuucp demo umountfsys test tmproot
  reboot install user anon guest games rwho finger who
  common admin email accounts: ROOT ADMINISTRATOR POSTMASTER WEBMASTER
  DirNames: .xx .mail ... ".. " ..^G" "-i<cr>"
XF86 Req'd Files: xsvga.tgz xbin.tgz xcfg.tgz xfnts.tgz xlib.tgz [xset.tgz xvg16.tgz]
Common Overuse Hacks:
  Fork-Bomb (sh $0 & sh $0 &)
  Eat-Mem (while(1){malloc(1024);})
  Eat-Disk (while :;do;mkdir x;cd x;done)
Classic fake-login Hack: simulates login screen, records passwords
chown: Note that anyone can chown/chgrp their files to "frame" another user.
Suid-bit: when set on an exe, anyone who runs it gets the owner's privileges
Standard Man Pages: (text w/optional troff cmds)
  NAME (1 line)
  SYNOPSIS (args, howto use)
  DESCRIPTION
  OPTIONS (descriptions)
  EXAMPLES
  SEE ALSO
  FILES
  BUGS
  AUTHOR
---
POSIX: (See unixapi_notes.html)
#'man standards': (SunOS 5.7)
IEEE Std 1003.1 and IEEE Std 1003.2, commonly known as POSIX.1 and POSIX.2.
  POSIX Standard   Description                       Release
  POSIX.1-1988     system interfaces and headers     SunOS 4.1
  POSIX.1-1990     POSIX.1-1988 update               Solaris 2.0
  POSIX.1b-1993    realtime extensions               Solaris 2.4
  POSIX.1c-1996    threads extensions                Solaris 2.6
  POSIX.2-1992     shell and utilities               Solaris 2.5
  POSIX.2a-1992    interactive shell and utilities   Solaris 2.5

  POSIX Standard                                             Feature Test Macros
  POSIX.1-1990                                               _POSIX_SOURCE
  POSIX.1-1990 and POSIX.2-1992 C-Language Bindings Option   _POSIX_SOURCE and _POSIX_C_SOURCE=2
  POSIX.1b-1993                                              _POSIX_C_SOURCE=199309L
  POSIX.1c-1996                                              _POSIX_C_SOURCE=199506L
(1003.1b used to be 4?) (5,9: Ada, Fortran versions of 1)
Solaris releases 2.0 through 7 also support the interfaces specified by the
System V Interface Definition, Third Edition, Volumes 1 through 4 (SVID3).
Note, however, that since the developers of this specification (UNIX Systems
Laboratories) are no longer in business and since this specification defers to
POSIX and X/Open CAE specifications, there is some disagreement about what is
currently required for conformance to this specification.
--
NLS: Native Language Support
I18N: Internationalization (English>ForeignLang, gettext)
L10N: Localization (eg CurrencySymbols,NumberFormats,Metric/Other,DateFormats)
International Date Format (ISO 8601:1988): CCYY-MM-DD
International Time Format (ISO 8601:1988): 24 hour (00:00-23:00)
  (1999-01-15T24:00 is the same instant as 1999-01-16T00:00)
Ambiguous US Date Format: MM/DD/[CC]YY eg 05/06/96 May6 or June5??
Ambiguous US Time Format: HH:MM(pm|am) eg 12:00 a.m. Is that midnight or midday??
Meaningful Word Date: October 7th 1996
---
DNS notes
  Additional Info is for fields you think they'll ask for next. eg provide IPs(A) with NS query
  CNAME cannot have other RRs with it (MX/NS)
  keep in-addr.arpa PTRs correct
---
Some Useful Linux Logs:
  /var/log/: messages xferlog lastlog(lastlog) wtmp(last -15) utmp(who)

Rename X-term Title Bars: (or Iconic labels=1, 0=Both)
  echo "ESC]0;TEXT^G"
  xc/doc/specs/xterm/ctlseqs.ms

Setting rxvt|xterm|XTerm ~/.Xdefaults:
  emacs*font: -misc-fixed-*-*-*-*-20-*-*-*-*-*-*-*
  rxvt*font: -*-*-*-*-*-*-20-*-*-*-*-*-*-*
  #rxvt*font: linux8x16
  #rxvt*geometry: 156x62+0+0
  rxvt*saveLines: 1500
  rxvt*background: black
  rxvt*foreground: white
  rxvt*scrollBar: true
  rxvt*reverseWrap: true
  rxvt*titleBar: false
  rxvt*VT100.Translations: #override\n\
    <KeyPress>Prior : scroll-back(1,page)\n\
    <KeyPress>Next : scroll-forw(1,page)

alt-right-click/right-click-titlebar(fvwm) or alt-mid-click(kde): raise/lower window (cycle thru windows) (kde alt-tab is cooler)

How to set up a web-server: http://hoohoo.ncsa.uiuc.edu/docs/setup/OneStep.html

(SunOS 5=Solaris 2, name switch to Solaris)

"In my experience, perhaps 25% of applications build "right out of the box". Another 50% or so can be "persuaded" to build with an effort ranging from trivial to herculean. That still means a significant number of packages will not build no matter what." (YES, I'm not the only one!)

"Use sh for anything that could fit in a make file
 Use perl for anything else"

#pragma ... # arbitrary implementation defined behavior (esp compiler/assembler)
  http://bat710.univ-lyon1.fr/~ascil/cpp/cpp_37.html#IDX84
"#unassert predicate" # gnu assertions, predicates(system, cpu, machine)

Note: you can open an exe and run any func/expr you want in it using gdb (brings new meaning to "c-shell")

Pine setup:
  inbox-path: {pop.server} {pop.server}INBOX
  nntp-server: news.server *{news.server/nntp}[]

# View first, then run history match: (silly but useful trick)
echo !g
!g
# !$=last arg of last cmd
# (!$ !* !^ !:3-5 last all first range)
vim file.c
chmod u+w !$
gcc !$
# look for something in history: (useful/common trick, works in old shells too)
history|grep find
# tip: use search(Cs /) constantly to move your cursor (in an editor)

=====
Examples:

Finds all PATH definitions in people's configs:
  grep -n PATH ~/../*/.* 2>/dev/null
mv *.htm *.html:
  /bin/ls -d *.htm | sed -e 's/.*/mv & &/;s/htm$/html/' | sh
Prints c funcs/classes/typedefs: (note the $1="" trick!)
  ctags -twx prog.cc | awk '{$1="";$2="";$3="";print $0}' | cut -b 4-
  (ctags isn't perfect misses ...::<cr>funcname(...) )
Adds headings to 'ls -l':
  (printf "PERM LINKS OWNER GROUP SIZE MONTH DAY HH:MM NAME\n" ; ls -l | sed 1d) | column -t
# Replaces current Xterm, Kills Xterm History:
alias cx 'clear;(dtterm `xwininfo -id $WINDOWID|grep geometry`&);sleep 1;exit'
# Clears screen, kills shell history:
alias c "clear;cd $HOME;exec $SHELL"

Sets up xauth: (in .login)
  if ("$XCHOICE" == "mit") then
    set HOST = `hostname`
    # Bad keys once in a while -- odd number of hex chars? (X fails to start up and hangs, must be remotely killed)
    # set randomkey = `perl -e 'srand; printf int(rand(1000000000000000000))'`
    # (perl's rand is not a cryptographic generator, so this key is only as unpredictable as the srand seed)
    set randomkey = `perl -e 'srand;$_=sprintf("%8X%8X\n",int(rand(4294967295)),int(rand(4294967295)));s/ /0/g;print'`
    xauth add $HOST/unix:0 . $randomkey
    xauth add $HOST":0" . $randomkey
    xinit -- -auth $HOME/.Xauthority
  endif

Calculate install space:
  find / -mmin -30 -type f | grep -v /proc > newfiles
  #find / -mount -exec test {} = /proc -o {} = /home -o {} = /tmp \; -prune -o -mmin -30 -type f -print >newfiles
  [remove na files]
  cat newfiles | xargs du -k -s | awk '{s+=$1}END{print s}'

Full File Dir Structure: (see also tripwire/aide)
  ls -laR / | gzip -9 > /mnt/floppy/file-list-`date +'%b %e'`.lst.gz

Find new files since last checkpoint:
  Checkpoint: touch .last_checkpoint
  List New Files: find . -newer .last_checkpoint
  find . -newer .last_checkpoint -type f | tar -cf delta_`date +'%Y-%m-%d_%H-%M'`.tar --files-from=-
  find . -newer archive.zip -type f | zip -ru archive.zip -@ # adds/updates an archive
  zip -o archive.zip # Sets arc mod-time to newest file it contains (ie you cp/ftp'd the arc and lost its real mod-time)

# Manually do a "diff -qr":
# (eg files are on separate machines, you don't want to copy/tar the files,
# just the files' checksums to check for differences) (eg like tripwire)
#
# Should be(I wish): cksum -r dir1 >1; cksum -r dir2 >2; dirlistcompare 1 2
#
# (Find added/removed/altered from two similar dir-structures)
# First get 2 '<cksum> <size> <./path/filename>' listings called 1,2 eg:
cd dir1; find . -type f -print0 | xargs -0 cksum >1
cd dir2; find . -type f -print0 | xargs -0 cksum >2
grep -v -f 2 1 | cut -f 3- -d" " >1-2
grep -v -f 1 2 | cut -f 3- -d" " >2-1
grep -v -f 2-1 1-2 >1only
grep -f 2-1 1-2 >1and2altered
grep -v -f 1-2 2-1 >2only
#
# ssh1 to gpu, cksum my home-page, fix cksum output:
ssh1 -l cyallop gpu.srv.ualberta.ca "cd public_html;find . -type f | sed s/\'/\\\\\\\\\\'/ | xargs -i'{}' cksum '{}'" | sed -e 's/ *\([0-9]\+\) \+\([0-9]\+\)/\1 \2/' >2
#
# Perl version: (original)
perl <1 -e '$a=`cat 2`;while($_=<>){$q=quotemeta;if($a!~/$q/){s/\S+\s+\S+\s+//;print}}' >1-2
perl <2 -e '$a=`cat 1`;while($_=<>){$q=quotemeta;if($a!~/$q/){s/\S+\s+\S+\s+//;print}}' >2-1
perl <1-2 -e '$a=`cat 2-1`;while($_=<>){$q=quotemeta;if($a!~/$q/){print}}' >1only
perl <1-2 -e '$a=`cat 2-1`;while($_=<>){$q=quotemeta;if($a=~/$q/){print}}' >1and2altered
perl <2-1 -e '$a=`cat 1-2`;while($_=<>){$q=quotemeta;if($a!~/$q/){print}}' >2only

Common lines between two files: (1 and 2)
  perl <1 -e '$a=`cat 2`;while($_=<>){$q="^".quotemeta($_)."\$";if($a=~/$q/){print}}'
  or: xargs <1 -i"{}" egrep '^{}$' 2
All lines in 1 that aren't in 2: (1 MINUS 2, each line is an entry)
  perl <1 -e '$a=`cat 2`;while($_=<>){$q="^".quotemeta($_)."\$";if($a!~/$q/){print}}'
  or: diff common_lines_ordered_by_1 1 | grep ">" | cut -b 3-
---
# mirror your shell to someone:
echo "tty>2;echo This is from Curtis;echo \(Control-D Closes it\);echo;cat;echo They Exited>"`tty` >1; chmod u+x 1
xterm -display someone:0 -geometry "150x50" -e 1 & sleep 1; script `cat 2`
# talk: # (^C only kills yours, "jobs/kill")
echo "tty>2;talk $LOGNAME `who -m | awk '{print $2}'`" >1;chmod u+x 1; xterm -geometry "170x50" -e 1 -display someone:0 & sleep 1; talk $LOGNAME `cat 2`
# addition to kill theirs too:
echo $!>pid
trap 'kill -9 `cat pid`' 2
# redirect your window/display:
sleep 1; xwd [-root] |xwud -display someone:0
# ask a question:
xmessage -center -buttons "ok,busy" -timeout 5 "Can I talk to you? -- Curtis" -print
# show what's on their screen:
xlsclients -display someone:0
---
Changing Gif Transparency in Unix:
  giftopnm image.gif | ppmtogif -trans '#BFBFBF' > image-trans.gif
silly hard-to-remove file:
  ^Ssh<cr>echo >'-i <cr>'<cr>clear;exit<cr>^Q
  rm -- '-i <cr>'
  rm -i * # may not work
  find . -name '*foo*' -print0 | perl -n0e unlink
# Silly alteration of what appears on the ps/w/who list:
ln -s /usr/bin/sleep hacking_into_the_system;(sleep 1;rm hacking_into_the_system)&./hacking_into_the_system 99999
# 9:06pm up 3 days, 11:09, 4 users, load average: 0.24, 0.05, 0.02
#root pts/2 - 9:04pm 2:07 0.06s 0.01s ./hacking_into_the_system 99999
#bash-2.03# ls -l /proc/4908/
#lrwx------ 1 root root 0 Mar 29 21:08 exe -> /usr/bin/sleep*

Misc:
pwd | awk -F"/" '{print $NF}' # Prints all after last '/'
pwd | cut -d"/" -f 1 # Prints all before first '/'
basename `pwd`
dirname `pwd`
Count Max Fields: awk '{print NF}' | uniq
grep . # del all blank lines (same as "awk 'NF>0'" and "sed -n '/./p'")
cat -s # squeeze multiple blanks lines into 1 blank line
sed 1d # cuts first line
sed '$d' # cuts last line
sed '/start/,/finish/d' # cuts from /start/ to /finish/
sed -n '/start/,/finish/p' # shows only from /start/ to /finish/
awk '/start/,/finish/{print}' # shows only from /start/ to /finish/
sed -n 'N;P' # every 2nd line, odd lines
sed -n 'n;P' # even lines
sed -e "/test/s/$/ action1/" # if /test/ is found, append action1 to EOL
sed -e "/test/!s/$/ action2/" # if /test/ not found, append action2
sed -e 's/[^"]*\("[^"]*"\)[^"]*/\1/g' # extract quoted strings
tr -d \015 # removes ^M's (CR, dos text files)
# Converting dos/unix text files: (try ^V^M to insert raw ^M)
sed 's/$/^M/' # LF > CRLF
sed 's/^M$//' # CRLF > LF
#switch first and last field: (comma delim)
sed -e 's/^\([^,]*\)\(.*,\)\([^,]*\)$/\3\2\1/'
# print top executing processes: ('n 1' or '-d1' or 'man top' for 1 iteration)
top n 1 | sed -n '/PID/!b;n;N;p' # top 2 processes w/o heading
top n 1 | sed -n '/PID/!b;N;N;N;p' # top 3 processes w/heading
# Identical: (Print only the line matching /^Subject: */)
# 'd' ends the cycle unlike most other commands
# 'b' without a label ends the cycle and acts like the 3rd version
sed -n '/^Subject: */p'
sed -e '/^Subject: */!d'
sed -n '/^Subject: */!b;p'
sed -n '/^Subject: */!ba;p;:a'
# Adds a '<' to the end of each line:
# (shows how to load the entire file into the hold-buffer)
# (note the '$!b' which says if not final line, branch to end)
# (the hold buffer may overflow??)
# (the hold buffer seems to contain a blank line on startup, so I clear it on line 1)
sed -n '1h;1!H;$!b;g;s/\n/<&/g;s/$/</;p'
# notes on sed syntax peculiarities:
'{ cmds }' MUST have newline after each cmd
a,i: end on blank line?

/bin/ls -1 | tr '\n' ' '
echo * | tr -s ' ' '\n'
awk '{s+=$1}END{print s}' # (sum a column)
awk -v sum=0 '{sum+=$1}END{print sum}'

# example script: (emulates xargs, processes each line in stdin--find-output)
find dir -type f | while read file
do
  # quote "$file" so names containing spaces stay one argument
  grep -q 'abc' "$file"
  if [ $? -eq 0 ]; then echo "$file"; fi
done

# example script: (mv *.abc *.cba, see the sed version of this for a shorter way)
for file in *.abc
do
  mv "$file" "`basename "$file" abc`cba"
done
# sed version of mv *.abc *.cba:
/bin/ls *.abc | sed 's/.*/mv & &/;s/abc$/cba/' | sh -v

parse passwd:
  awk -F: '{print $1, $5}' /etc/passwd
  cat /etc/passwd | grep jdoe | awk -v FS=: '{print $1 " " $3}'

bash+bc+printf ex:
  while read right wrong ; do
    percent=$(echo "scale=1;($right*100)/($right+$wrong)" | bc)
    printf "%2d right\t%2d wrong\t(%s%%)\n" \
      $right $wrong $percent
  done < database_file

Filters Gprof: (into parent,child entries eg for making a call graph)
  gprof -b -C -F main | awk '/propagated/,/accumulated/' | egrep "(-|\[)" | perl -e '$_=join("",<>);while(/^\[.*?([a-zA-Z_\(\)]+) \[\d+\]$/gm){$f=$1;($t=$'"'"')=~/-----/;$a=$`;while($a=~/([a-zA-Z_\(\)]+) \[\d+\]$/gm){print "$f,$1\n";}}'

Finds undefined symbols in a.out not in libc: (eg libc.so is incompatible?)
  (assumes gnu nm output)
  ldd a.out
    libc.so.1 => /usr/lib/libc.so.1
  #ldd is the same as: /lib/ld-linux.so.2 --list /bin/ls
  nm -Cu a.out | cut -b -60 | cut -b 12- >aout.nm # cut too-long lines, show only symbol-name (after 12th char)
  nm -Cu /lib/libc.so | cut -b 12- >libc.nm # show only symbol-name (after 12th char)
  cat aout.nm | xargs -i{} egrep '^{}$' libc.nm >defined_in_libc.common
  diff aout.nm defined_in_libc.common >undef.diff

# Shows "size $LIB" and the library's size-sum: (Assumes 4th column of size output is size-value)
size $LIB | awk '{s+=$4;print}END{print "\nTotal: (size-sum)\n"s"\n"}'

Decomment code for a lines-of-code count:
  cat *.cpp | perl -e '$_=join("",<>);s#/\*.*?\*/##sg;s#//.*$##mg;print' | awk 'NF>0' | wc -l

# Follows include-tree:
g++ -E -H 2>&1 >/dev/null file.c [| fgrep -v -e /syslibdir1 -e /syslibdir2]
# Does 'g++ -E' on a system include:
echo "#include<map>" | g++ -E -x c++ -
# Show all macros:
g++ file.c -E -dM # -o will now redirect -dM
# Displays base-environment compiler symbols like "__cplusplus":
echo|g++ -E -dM [-x c++] -
# Display all Structures:
gcc -gstabs -S t.c; cat t.s | pstruct
# classes:
cat <files> | grep -v ';$' | grep '^[ \t]*class' [-1]

macro-functions:
  semicolon style:            #define MYFUNC(a)      if(tst) MYFUNC(); foo();   >>  if(tst) ; foo();
  no-semicolon style:         #define MYFUNC(a) ;    if(tst) MYFUNC() foo();    >>  if(tst) ; foo();
  broken no-semicolon style:  #define MYFUNC(a)      if(tst) MYFUNC() foo();    >>  if(tst) foo();
  broken no-semicolon style may be good if you want something like:
    CONDITIONAL_CODE( mydebug("blah\n"); ) or ACE_MT( grablock(); )

# cheap unix og-rw trick to "password-protect" a world-write dir
# (this trick works for "password-protected" web-pages as well)
mkdir nosee; chmod 711 nosee; mkdir nosee/H6dd3tu2d

# Determining the shell: (sh/csh)
set|grep sh
# determines tcsh/bash/csh (not meant for scripts)
#
echo>/dev/null;test $?a = 0a && echo sh || echo csh
test $?tcsh = 1 && echo tcsh
set | grep BASH_VERSION= >/dev/null && echo bash
#
# setenv/alias, works for bash/tcsh/csh:
echo>/dev/null;test $?a = 0a && eval 'SET="export";IS="="' || eval 'set SET=setenv;set IS=" "'
alias ls${IS}"ls -AF --color"
$SET AAA${IS}hi
#
# setenv/alias, works for bash/tcsh/csh/sh:
echo>/dev/null;test $?a = 0a && eval 'SET="";IS="=";EXPORT="export"' || eval 'set SET=setenv;set IS=" ";set EXPORT="echo>/dev/null"'
eval "$SET AAA${IS}hi; $EXPORT AAA"
#
# lesser ways
#Indicators: $SHELL (bash) $shell (tcsh) $?tcsh
#echo $shell | grep 'csh$' >/dev/null && echo csh
#test -z $shell && echo $SHELL | grep '[^c]sh$' >/dev/null && echo sh

Path to Find Related Files: (eg config/data/resource files)
  * "mv utildir somewhere_else/" should NOT screw it up!
  relative is best, also consider relative-to-app-origin
  env-var(FOO_HOME/FOO_PATH) is better than hard coding
  never ever hard-code
  $0.real # exe calls exe.real (in same dir)
  `dirname $0`/otherexe # exe calls otherexe (in same dir) (req dirname)
  # Look for exe in the same directory as this script
  DIR="`echo "$0" | sed 's,/[^/]*$,,'`"
  ORIGIN=`dirname $0` # where it's stored
  Idea: /var/installed-apps/myapp is a symlink to /usr/local/myapp/myapp
  #
  # Finds ORIGIN in terms of an absolute address: (prepend PWD to relative addresses)
  if (echo $0 | grep "^/" >/dev/null); then
    ORIGIN=`dirname $0`
  elif (echo $0 | grep "/" >/dev/null); then
    ORIGIN=$PWD/`echo $0 | sed -e 's;/[^/]*$;;'`
  else
    ORIGIN=$PWD
  fi

# Works in either sh/csh:
sh -c 'echo "Error" 1>&2'

interactive?:
  sh: if [ -t 0 ]; then ... fi
  c: if(isatty(0)) { ... }
  csh: if ( $?prompt) ...

# deletes zero-size files:
# note: (DAMN QUOTES IN FILESNAMES) null or perhaps newline are good delimiters
# In sh: "$var" is how you pass var on as an arg, plain $var (no quotes) will expand spaces in $var to form separate args out of var
# But, xargs -i sh -c 'echo "{}"' is NOT ok, {} is not a shell-var!
/bin/ls | perl -pe 's/\n/\0/' | xargs -0i sh -c 'test ! -s "$0" && echo "$0"' {} | perl -pe 's/\n/\0/' | xargs -0i rm {}

# searches for any mention of the problem (eg faqs/readmes/comments)
# ie install prob or error message
find . -type f | xargs fgrep KeywordRelatedToProblemEgMissingDLLorHeader

# $! is wonderful as well as !blah, eg:
g++ foo.c -o foo
vi $!
./foo
!g
!v
!.

idea: bdiff and bpatch(for binary) can be done with diff/patch/uuencode/uudecode (untested)
idea: spreadsheet -nogui -import 'A,B,C' -export 'H1-50,I1-J25' mycalcs.spreadsheet <imported.dat >exported.dat

assert(!"not implemented!");
/* tmpnam only picks a name, so another process can create the file first; mkstemp creates and opens it in one step */
#define TEMPFILE (temfile[0]? temfile: (tmpnam(temfile), temfile))
The opposite to atoi is not itoa, it's sprintf

# gviz = awesome tool to make graph diagrams (eg call-graph) (from Bell-labs)
./dot -Tps 1.dat -o g.ps
---
Linux Examples:

LoadLin: (from a kernel&root-disk image)
  note: a boot-disk image is not always a kernel image (ie see Slack kernels dir, not boot-disk images)
  loadlin vmlinuz root=/dev/ram rw initrd=rescue.gz vga=ext
Creating a Linux swap space:
  dd if=/dev/zero of=swapfile bs=1024 count=65536 || fdisk (create swap partition)
  mkswap swapfile || mkswap /dev/hda# (hda# = swap partition)
  swapon swapfile (edit fstab for future boots to see it)
sync # flushes fs buffers manually
Sample soundblaster setup line:
  modprobe sb io=0x220 irq=5 dma=3 dma16=5 mpu_io=0x300
Script for making a vmlinuz/lilo boot disk: (Slackware?)
  makebootdisk (or makedisk?)
Manually Shutting Down: (Linux)
  cd /
  echo "Shutting Down" >etc/nologin
  wall <etc/nologin
  killall5 -1, killall5 -15, killall5 -9
  sync;sync
  umount -a
  telinit -s

Runlevels 0, 1, and 6 are reserved. Runlevel 0 is used to halt the system, runlevel 6 is used to reboot the system, and runlevel 1 is used to get the system down into single user mode. Runlevel S is not really meant to be used directly, but more for the scripts that are executed when entering runlevel 1. (3=multiuser, 4=xdm-multiuser)
  runlevel: prints runlevel
  telinit/init [0-6s] : goto that runlevel

# Booting:
bootstrap loader, init
init forks getty, getty reads user/pass & execs login, login execs shell
when login/shell exit, init reforks getty
For no user/password: set login to point to sh

# To disable an account, change their shell to a tail-script:
#!/usr/bin/tail +2
This account has been closed due to a security breach.
Please call 555-1234 and wait for the men in black to arrive.

Example of Setting Linux Networking:
  ifconfig eth0 172.16.0.3 netmask 255.255.255.0 broadcast 172.16.0.255
  #route add -net 172.16.0.0 netmask 255.255.255.0 dev eth0 # Done automatically by ifconfig in new kernels
  route add default gw 172.16.0.1 netmask 255.255.255.0 dev eth0
Sets up IP-Masq:
  /sbin/ipchains -P forward DENY
  /sbin/ipchains -A forward -i eth0 -s 172.16.0.0/24 -d 0.0.0.0/0 -j MASQ
Make Linux Kernel:
  make menuconfig || make xconfig || make config
  make dep && make clean && make bzImage
  ftp://ftp.yggdrasil.com/mirrors/sunsite/kernel/
  http://www.kernel.org/pub/linux/kernel/
Use Linux Cdrom:
  /dev/hdc /cdrom iso9660 ro,noauto,user 0 0
  mount /cdrom
  umount /cdrom
  #chmod 666 /dev/scd0
  #chmod 777 /cdrom
  scsi: mount /dev/scd0 -t iso9660 -r /cdrom
        umount /cdrom
  ide: mount -t iso9660 /dev/hdb /cdrom
Make a CD image: (Rockridge, all files incl dot files)
  mkisofs -o /tmp/image-101098.iso -a -L -R -V VolumeName .

cdda2wav -D/dev/hdc -H [-t1] [-v#] [audio.wav] # t=track v=cd-info-verbosity
bladeenc audio.wav... [-DELETE] # creates audio.mp3
# perl -e 'print join("\n",2..4)' | xargs -i cdda2wav -D/dev/hdc -H -t{} track{}.wav
# cdda2mp3 [#...] # optional track numbers, defaults to all tracks (it's a script by me)
# list all tracks:
# cdda2wav -D/dev/hdc -v 17 -J 2>&1 | sed '1,/^Table/d;/^Table/,$d' | perl -ne 's/(\d+)\.\(/print "$1\n"/ge'
# vi s&r to go from '03 SongName' to 'mv track03.mp3 ArtistName-03-SongName.mp3'
%s/\(..\) \(.*\)/mv track\1.mp3 ArtistName-\1-\2.mp3/

PPP Tunnel?
  pppd /dev/cua1 115200 172.16.1.249:172.16.1.248 crtscts defaultroute mru 1500
This will backup /dev/hda's table:
  dd if=/dev/hda of=/mnt/floppy/MBR bs=512 count=1
Use this to restore the table:
  # bs=446 writes back only the boot code; the partition table sits in bytes 446-509 and is left as it is on disk
  dd if=/mnt/floppy/MBR of=/dev/hda bs=446 count=1
Zero-cost Route
  route add network 201.2.14.0 `hostname` metric 0
Virtual Interface
  ifconfig eth0:1 inet 192.168.1.135 netmask 255.255.255.0 up
Set Mac Address Manually:
  ifconfig eth0 mosheb-eth0 ether 8:0:ae:83:1:2

# Unarcing a rpm using cpio/gzip/rpmoffset: (ripped from slack's rpm2tgz)
dd ibs=`rpmoffset < FILE.rpm` skip=1 if=FILE.rpm 2> /dev/null | gzip -dc | cpio --extract --preserve-modification-time --make-directories
# Using rpm: -q[p][li] -qa
rpm2cpio file.rpm | cpio -itv | less # list rpm contents
rpm -ql <packagename> # list contents of rpm
rpm -q <packagename> # check if package is installed
rpm -qa | grep <packagenamepart>
rpm -qpi koules-1.2-2.i386.rpm # display description
rpm -qpl koules-1.2-2.i386.rpm # list rpm contents

# list valid, current users:
last | awk '{print $1}'|sort|uniq
# User usage times: (for current month)
last -y | fgrep `date +%b` | fgrep `date +%Y` | fgrep -v crash >last.out
# summarize usage per user: (in hours; last prints durations as (days+HH:MM), so days count 24 hours each)
cat last.out | perl -ne 's;^(\w+).*\((?:(\d+)\+)?(\d\d):(\d\d)\)$;$t{$1} += (($2*24 + $3 + $4/60)."\n");e; if(eof){for $key (keys %t) {print $key." ".$t{$key}."\n"}}'
# summarize usage per user per day: (in hours)
cat last.out | perl -ne '($d=$_)=~s/^.*(\w{3}) (\w{3} +\d+ \d{4}).*/$2 ($1)/s; ($u)=/^(\w+\s+)/g; s;\((?:(\d+)\+)?(\d\d):(\d\d)\)$;$t{"$d $u"} += (($1*24 + $2 + $3/60)."\n");e; if(eof){for $key (keys %t) {print $key." ".$t{$key}."\n"}}' | sort
# overnight logins (probably idle, unterminated)
cat last.out | fgrep +
# remote-logins/ftp:
cat last.out | fgrep -v -e reboot -e shutdown | perl -ne 'substr($_,0,44)=~s/^\S+\s+\S+\s+(\S+)/print/e;s/ftp/print/e'
# summarize usage/login-count/time-range per user per day:
perl -ne '($d=$_)=~s/^.*(\w{3}) (\w{3} +\d+ \d{4}).*/$2 ($1)/s;
  ($u)=/^(\w+\s+)/g;
  if(/\((?:(\d+)\+)?(\d\d):(\d\d)\)$/){$t{"$d $u"} += $1*24 + $2 + $3/60}
  ++$count{"$d $u"};
  ($start,$end)=/\d\d:\d\d/g;
  if($max{"$d $u"} lt $end){$max{"$d $u"}=$end}
  if($min{"$d $u"} gt $start or !defined($min{"$d $u"})){$min{"$d $u"}=$start}
  if(eof){for $key (keys %t) {printf "%s%.2f\t%s-%s\t%d logins\n",$key,$t{$key},$min{$key},$max{$key},$count{$key}}}' | sort

# Setting up: /etc/resolv.conf:
search foo.com
nameserver 1.2.3.4
# Setting up RedHat:
/etc/sysconfig/network:
  GATEWAY=1.2.3.4
  HOSTNAME=foo
/etc/sysconfig/network-scripts/ifcfg-eth0:
  IPADDR=1.2.3.4

dircolors <-b|-t> # some nicer versions have --help
  # as in eval `dircolors -b` in /etc/profile or ~/.bash_profile
  # ~/.dir_colors || /etc/DIR_COLORS
  0 to restore default color
  1 for brighter colors
  4 for underlined text
  5 for flashing text
  3C=fore, 4C=back
  C: 0-7: black red green yellow/brown blue purple cyan white/gray

? YODL: Yet another doc language (source > html/man/latex)
[un]pwconv # convert using /etc/passwd to using /etc/shadow
XF86Setup # configure X (nice)
? netconfig # slack?
? pppconfig # RH?

# Opinions on Xterms:
gnome-terminal: sweet! --utmp xwininfo-geometry works! color-selection kicks ass(damn squinty blue) alt-f is not bound. nice prefs! right-mouse is good, both menu and selection
  slow and heavy-weight(slow alt-tab)
  -misc-fixed-medium-r-normal-*-*-200-*-*-c-*-iso8859-1
  -adobe-courier-medium-r-normal-*-*-140-*-*-m-*-iso8859-1
rxvt: no wtmp entry? scrollbar on wrong(left) side (lag on alt-tab away)
kvt: copy/paste isn't multiline, double click stops on /, right-mouse fails, big paste buffer screws it
xterm: athena scrollbar on wrong(left) side, double click stops on /, very configurable--if you decipher how (lag on alt-tab away)
  -*-*-*-*-*-*-20-*-*-*-*-*-*-*
konsole: no wtmp entry? paste gets extra spaces on last line of buffer, right-mouse fails
---
Kernel module ex:
root@localhost>vi heya.c
#define MODULE
#include <linux/module.h>
int init_module(void) { printk("<1>Heya linux!\n"); return 0; }
/* cleanup_module returns nothing */
void cleanup_module(void) { printk("<1>Later, linux!\n"); }
~
root@localhost>gcc -c heya.c
root@localhost>insmod heya.o
root@localhost>rmmod heya
---
flash: uses talk request to say from:GARBAGE and screw the terminal
  "This little program is intended to quickly mess up a user's"
  "Phrack Magazine", "Volume Six, Issue Forty-Seven"
  printf "\033c\033(0\033#8";printf "\033[1;3r\033[J"; printf "\033[5m\033[?5h"
  printf "\033(0\033#8"; printf "\033[1;3r"; printf "\033[1;5m\033(0"; printf "**\030B00"; printf "\033**EMSI_IRQ8E08"
mflash: puts the flash in the mail-subject to screw pine/elm/console-mail readers
---
remember
  not.prune maxdepth1 +111(exe) +4000(su) +2000(sg) (+any -all eq)
  PATH|tr\ |xargs-ls MANPATH|tr\n|xargsi-find{}name
  RcptMailFrom STD (DFST) -icanon|cbreak nohup fuser envi
  xwininfo[-root] xlsclients xprop xdpyinfo
  rpmp: rpm -q[p][li] -qa cpio-rel
  # whoami? who's logged on? what's happening? net-settings? machine-info?(OS/cpu/mem/hd)
  5iwtpl 6nduhdu 3psfsns last-dmesg-uname-df
  mc: 3view 4vi 5cp 6mv 7mkdir 8del 10quit C-\ hot-list 2-@ run-command-on-it
  perl zero-width regex assertions: ?! ?= ?<= ?
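An added example, not part of the original notes: a POSIX sh audit built on the Suid-bit note, the "Security Attacked Files" list and the "+4000(su) +2000(sg)" find reminder above. It lists setuid/setgid files under a directory, flags any that group or other can write, and flags listed config files with the same problem. The function names and the SENSITIVE selection are this example's own choices, and it uses the POSIX -perm -MODE form (all listed bits set).

```sh
#!/bin/sh
# Added example (not from the original notes): setuid/setgid and
# writable-config audit using only find's permission tests.

# has_perm FILE MODE: true if every bit of octal MODE is set on FILE.
has_perm() {
    [ -n "$(find "$1" -prune -perm "-$2" -print 2>/dev/null)" ]
}

# audit_suid ROOT: one "<tags> <path>" line per setuid/setgid regular file
# below ROOT (same filesystem only). tags: SUID, SGID, plus WRITABLE when
# group or other may modify the file, i.e. may replace code that runs with
# the owner's privileges.
audit_suid() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null |
    while IFS= read -r f; do
        tags=
        has_perm "$f" 4000 && tags=SUID
        has_perm "$f" 2000 && tags=${tags:+$tags,}SGID
        if has_perm "$f" 0020 || has_perm "$f" 0002; then
            tags=$tags,WRITABLE
        fi
        printf '%s %s\n' "$tags" "$f"
    done | LC_ALL=C sort
}

# audit_sensitive FILE...: print "WRITABLE <path>" for each existing file
# that group or other can write. Missing files are skipped silently.
audit_sensitive() {
    for f in "$@"; do
        [ -e "$f" ] || continue
        if has_perm "$f" 0020 || has_perm "$f" 0002; then
            printf 'WRITABLE %s\n' "$f"
        fi
    done
}

# A selection from the notes' "Security Attacked Files" list.
SENSITIVE="/etc/passwd /etc/shadow /etc/group /etc/inetd.conf /etc/hosts.equiv /etc/securetty /etc/ftpusers /etc/profile"

# Stand-alone use: sh suid_audit.sh /usr/bin
if [ $# -ge 1 ]; then
    audit_suid "$1"
    # word splitting of the list is intended here
    audit_sensitive $SENSITIVE
fi
```

Saving the output and comparing it between runs shows newly appeared setuid files, which is usually the more interesting signal than the list itself.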
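An added example, not part of the original notes: the manual "diff -qr" by checksum listing from the Examples section, rewritten so that paths are compared as exact strings. The grep -v -f version in the notes treats every listing line as a regular expression matched anywhere in a line, so names containing dots or brackets, or one path that is a prefix of another, can be misreported. The function names are this example's own.

```sh
#!/bin/sh
# Added example (not from the original notes): compare two directory trees
# through checksum listings, so only the listings need to cross machines.

# manifest DIR: one "<cksum> <size> <./path>" line per regular file.
# find -exec ... {} + passes names as arguments, so spaces and quotes in
# file names are safe (a newline inside a name is not supported).
manifest() {
    ( cd "$1" && find . -type f -exec cksum {} + ) | LC_ALL=C sort -k3
}

# compare_manifests OLD NEW: print "added|removed|altered <path>" lines.
# pass=1/pass=2 are awk command-line assignments that tell the program
# which listing it is reading, even when one of them is empty.
compare_manifests() {
    awk '
        # Split "<cksum> <size> <path>" by hand so a path may contain spaces.
        function parse(line,   p) {
            p = index(line, " "); sum = substr(line, 1, p - 1)
            line = substr(line, p + 1)
            p = index(line, " "); sum = sum " " substr(line, 1, p - 1)
            path = substr(line, p + 1)
        }
        pass == 1 { parse($0); old[path] = sum; next }
        {
            parse($0); seen[path] = 1
            if (!(path in old))        print "added " path
            else if (old[path] != sum) print "altered " path
        }
        END { for (f in old) if (!(f in seen)) print "removed " f }
    ' pass=1 "$1" pass=2 "$2" | LC_ALL=C sort -k2
}

# Stand-alone use: sh dircmp.sh OLD_DIR NEW_DIR
# (for two machines, run manifest on each and copy only the listings)
if [ $# -eq 2 ]; then
    tmp=$(mktemp -d) || exit 1
    trap 'rm -rf "$tmp"' EXIT
    manifest "$1" > "$tmp/old"
    manifest "$2" > "$tmp/new"
    compare_manifests "$tmp/old" "$tmp/new"
fi
```

cksum is a CRC, so this catches accidental differences; it does not resist someone who alters a file deliberately, which is why tripwire/aide record cryptographic hashes.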